2 matches found
CVE-2026-34392
LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. From 20.0.0 to before 27.0.3 and 28.0.1, a bug in the static file router can allow an attacker to traverse outside of the intended directory...
PT-2026-31414
Name of the Vulnerable Software and Affected Versions LORIS versions 20.0.0 through 27.0.2 and 28.0.0 Description A flaw exists in the static file router of LORIS, a web application for neuroimaging research data management. This issue allows an attacker to access files outside the intended...